package com.situ.web.servlet;

import com.situ.web.entity.User;
import com.situ.web.util.JDBCUtil;
//import com.sun.crypto.provider.PBEWithMD5AndDESCipher;
//import org.graalvm.compiler.lir.LIRInstruction;

import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.ArrayList;

@WebServlet("/user")
public class UserServlet extends HttpServlet {
    @Override
    protected void service(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {

        String code = req.getParameter("code");
        HttpSession session = req.getSession();
        String sessionCode = (String) session.getAttribute("sessionCode");
        if(code.equals(sessionCode) == false){
            //验证码不正确，重定向到登录页面
            resp.sendRedirect(req.getContextPath()+"/login.jsp");
            return;
        }


        String method = req.getParameter("method");
        switch (method){
            case "login":
                login(req,resp);
                break;
            case "logout":
                logout(req,resp);
                break;
        }
    }

    private void logout(HttpServletRequest req, HttpServletResponse resp) throws IOException {
        System.out.println("UserServlet.logout");
        HttpSession session = req.getSession();
        session.invalidate();

        resp.sendRedirect(req.getContextPath()+"/login.jsp");
    }

    private void login(HttpServletRequest req, HttpServletResponse resp) throws IOException {
        System.out.println("UserServlet.login");
        String name = req.getParameter("name");
        String password = req.getParameter("password");

        Connection connection = null;
        PreparedStatement statement = null;
        ResultSet resultSet = null;
        User user = null;
//        ArrayList<User> list = new ArrayList<>();
        try {
            connection = JDBCUtil.getConnnection();
            String sql = "select id,name,password from user where name=? and password=?";
            statement = connection.prepareStatement(sql);
            statement.setString(1,name);
            statement.setString(2,password);
            System.out.println(statement);
            resultSet = statement.executeQuery();
            while (resultSet.next()){
                user = new User(resultSet.getInt("id"),name,password);
//                list.add(user);
            }
        } catch (SQLException throwables) {
            throwables.printStackTrace();
        }finally {
            JDBCUtil.close(connection,statement,resultSet);
        }

        if(user != null){//有这个用户，登陆成功去首页（重定向）
            //放入凭证
            HttpSession session = req.getSession();
            session.setAttribute("user",user);
            resp.sendRedirect(req.getContextPath()+"/");
        }
        else{//没有这个用户
            resp.sendRedirect(req.getContextPath()+"/fail.jsp");
        }
    }
}
